Republic of Korea: Personal Information Protection Commission fined Incruit KRW 463 million following 2025 personal data breach affecting 7.3 million job-seekers

Personal Information Protection Commission fined Incruit KRW 463 million following 2025 personal data breach affecting 7.3 million job-seekers

On 23 October 2025, the Personal Information Protection Commission (PIPC) fined Incruit KRW 463 million for a personal data breach affecting 7,275,843 members of its online recruitment platform, in violation of the safety-measure obligation under Ar…

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

other service provider

Implementation Level

national

Government Branch

executive

Government Body

data protection authority

Complete timeline of this policy change

Hide details

2023-07-12

in force

On 12 July 2023, the Korean Personal Information Protection Commission (PIPC) issued its ruling in …

2025-10-23

in force

On 23 October 2025, the Personal Information Protection Commission (PIPC) fined Incruit KRW 463 mil…

2026-05-14

concluded

On 14 May 2026, the Personal Information Protection Commission (PIPC) reported that Incruit complet…

Description

Personal Information Protection Commission fined Incruit KRW 463 million following 2025 personal data breach affecting 7.3 million job-seekers

Scope

Complete timeline of this policy change